Lead IT & Compliance

Experience: 4.00 + years

Salary: Confidential (based on experience)

Shift: (GMT+05:30) Asia/Kolkata (IST)

Opportunity Type: Hybrid ()

Placement Type: Full time Permanent Position

(*Note: This is a requirement for one of Uplers client - Phyllo)

What do you need for this opportunity

Must have skills required:

IT Compliance, GRC, Information Security, SOC, SOC 2, ISO 27001, Startup, Fintech, SaaS

Phyllo is Looking for:

Lead IT & Compliance

Location: Bangalore, Karnataka, India

About Us

Phyllo is a data gateway that allows social data to be accessed from source platforms (e.g. YouTube,

Twitch, Upwork, Shopify, etc.). We build the underlying infrastructure that connects with every

creator platform, maintain a live data feed to the systems used by these platforms to manage

creators data, and provide a normalized data set so that businesses can use creators data in a simple

yet impactful way. Website: https://www.getphyllo.com/

About The Role

We are looking for a high ownership-driven and hands-on Lead IT & Compliance to lead and

manage the organization's complete internal IT, Governance, Compliance, SaaS Operations,

Identity & Access management, Endpoint Security, Procurement, and IT Operational Ecosystem.

This is a strategic and execution-heavy role responsible for ensuring: secure and scalable IT

Operations, Compliance Readiness, Enterprise Saas Governance, Access Management, Endpoint

Security, Audit Preparedness, Vendor Governance, And Overall It Operational Excellence.

Comfortable operating in a fast-paced startup environment and can independently manage

everything IT—from onboarding laptops and troubleshooting enterprise tools to leading

SOC2/ISO audits and driving security governance initiatives.

What you'll be expected to do

• Governance, Risk & Compliance (GRC) :
• Lead organization-wide compliance initiatives including:
  
  

○ SOC 2

○ ISO 27001

○ GDPR

○ customer/vendor security assessments

○ internal IT audits

• Own and manage compliance automation platforms such as Scrut
• Maintain and improve:
  
  

○ Policies

○ SOPs

○ security controls

○ evidence repositories

○ audit documentation

• Coordinate with legal, HR, engineering, finance, and leadership teams for audit
  
  

readiness

• Conduct risk assessments and remediation tracking
• Manage customer security questionnaires and compliance requests
• Drive security awareness and compliance training initiatives
• Partner with legal teams for:
  
  

○ DPA reviews

○ vendor agreements

○ compliance obligations

○ contractual security requirements

• Identity & Access Management (IAM) :
• Manage end-to-end user lifecycle:
  
  

○ Onboarding

○ Offboarding

○ access changes

○ privileged access reviews

• Provision and manage access across:
  
  

○ Google Workspace (Gsuite)

○ Microsoft 365

○ Azure / Entra ID

○ GCP

○ Enterprise SaaS applications

• Implement and manage:
  
  

○ SSO

○ MFA

○ RBAC

○ SCIM provisioning

○ Conditional Access policies

• Conduct periodic access audits and governance reviews
• Troubleshoot authentication and identity-related issues
• Drive Zero Trust access governance practices
• IT Operations & Enterprise Administration :
• Administer and support:
  
  

○ Google Workspace

○ Microsoft 365

○ Azure / Entra ID

○ Google Cloud Platform (GCP)

○ Collaboration tools

○ Productivity platforms

○ Enterprise SaaS ecosystem

• Manage:
  
  

○ Email security

○ Distribution groups

○ Enterprise configurations

○ SaaS integrations

○ licensing and subscriptions

• Troubleshoot enterprise IT and SaaS platform issues across departments
• Ensure operational uptime, reliability, and scalability of enterprise IT systems
• Drive IT process automation and operational efficiency initiatives
• Endpoint Security & Device Management
• Manage endpoint governance and device compliance programs
• Administer MDM/endpoint management platforms such as:
  
  

○ Sophos

○ Sentinel

○ or equivalent tools

• Coordinate endpoint hardening, device security baselines, and compliance
  
  

enforcement

• Support EDR/security tooling deployment and operational coordination
• Manage:
  
  

○ laptop lifecycle

○ device inventory

○ security compliance

○ secure decommissioning

• Implement and maintain:
  
  

○ BYOD policies

○ endpoint security standards

○ encryption compliance

• IT Asset Management & Procurement
• Own end-to-end IT asset lifecycle management:
  
  

○ Procurement

○ Allocation

○ Tracking

○ Recovery

○ Disposal

• Maintain inventory of:
  
  

○ Laptops

○ Peripherals

○ enterprise licenses

○ SaaS subscriptions

• Manage vendor relationships and procurement workflows
• Optimize SaaS licensing utilization and costs
• Coordinate hardware provisioning for onboarding/offboarding processes
• Maintain procurement governance and approval workflows
• SaaS Governance & AI Tool Governance
• Own governance and administration of enterprise SaaS applications
• Monitor and manage:
  
  

○ SaaS sprawl

○ shadow IT

○ unauthorized tool usage

• Establish governance for AI-enabled productivity and enterprise tools
• Ensure secure handling of organizational data across SaaS platforms
• Optimize SaaS utilization, access governance, and subscription costs
• Security Operations & Incident Coordination
• Coordinate IT-related security incidents including:
  
  

○ phishing response

○ access compromise

○ insider access revocation

○ lost/stolen devices

• Partner with security teams on:
  
  

○ incident response

○ vulnerability remediation

○ operational security initiatives

• Support business continuity and disaster recovery readiness
• Maintain audit trails, operational logs, and governance records
  
  

You'll be a good fit if

• 5–7 years of experience in: IT Operations, GRC, IT Compliance, IAM, Enterprise IT
  
  

Administration, SaaS Operations

• Strong hands-on experience with: Google Workspace, Microsoft 365, Azure / Entra ID,
  
  

GCP, Scrut or equivalent compliance platforms

• Experience leading: SOC 2, ISO 27001, Audit programs, security assessments, risk
  
  

management initiatives, VAPT.

• Strong understanding of: IAM, SSO, MFA, RBAC, SCIM, Zero Trust concepts
• Experience with: endpoint management, MDM solutions, IT asset management,
  
  

procurement operations

• Strong troubleshooting, stakeholder management, and operational ownership skills
• Ability to independently manage cross-functional IT and compliance operations in startup
  
  

environments

• Worked in a Start-up environment and is willing to work as an IC
  
  

Preferred Qualifications

• Experience working in startup or high-growth SaaS organizations
• Familiarity with:
  
  

○ EDR/XDR platforms

○ cloud security tooling

• Certifications such as:
  
  

○ ISO 27001 Lead Implementer/Auditor

○ CISA

○ CRISC

○ Microsoft/Azure certifications

○ Google Workspace administration certifications

• Experience automating IT/GRC workflows and operational processes
  
  

What we offer

• Hybrid Working Environment: Work both from the office and remotely as needed for a
  
  

better work-life balance

• Flexible Hours: Choose to work in the hours you feel the most productive
• Innovate and Evolve: We're building a high-growth, high-autonomy culture. We rely less
  
  

on job titles and more on cultivating an environment where anyone can contribute, the best

ideas win, and personal growth is driven by expanding impact

What's in it for you

We invest in our people and believe in hiring for high-potential and humble individuals who can

rapidly grow their responsibilities as the company scales. You will infuse insights and ideas into

business decision-making, solutions strategy, and the innovation roadmap for each product.

If You are someone who: thrives in high-ownership startup environments, can independently

manage broad IT and compliance responsibilities, balances governance with operational

practicality, is equally comfortable with audits and hands-on troubleshooting, can build scalable

internal IT processes from the ground up, and can act as the central owner for enterprise IT,

compliance, and operational governance, Phyllo is the perfect place for you!!

How to apply for this opportunity

• Step 1: Click On Apply! And Register or Login on our portal.
• Step 2: Complete the Screening Form & Upload updated Resume
• Step 3: Increase your chances to get shortlisted & meet the client for the Interview!
  
  

About Uplers:


Our goal is to make hiring reliable, simple, and fast. Our role will be to help all our talents find and apply for relevant contractual onsite opportunities and progress in their career. We will support any grievances or challenges you may face during the engagement.

(Note: There are many more opportunities apart from this on the portal. Depending on the assessments you clear, you can apply for them as well).

So, if you are ready for a new challenge, a great work environment, and an opportunity to take your career to the next level, don't hesitate to apply today. We are waiting for you!